CVE-2015-2348

creationtimestamp| type| source ---|---|--- 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

MiracleLinux 3 : lftp-3.7.11-4AXS3 (AXSA:2009-390:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-390:01 advisory. LFTP is a sophisticated ftp/http file transfer program. Like bash, it has job control and uses the readline library for input. It has bookmarks, built-in...

EUVD-2026-2348

A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticat...

CVE-2021-2348

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce component: Tools and Frameworks. The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2023-2348

A vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /admin/user/manageuser.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. T...

CVE-2025-2348

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been classified as problematic. Affected is an unknown function of the file /mnt/extsd/event/ of the component HTTP/RTSP. The manipulation leads to information disclosure. The attack needs to be initiated within the local...

CVE-2025-2348

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been classified as problematic. Affected is an unknown function of the file /mnt/extsd/event/ of the component HTTP/RTSP. The manipulation leads to information disclosure. The attack needs to be initiated within the local...

CVE-2025-2348

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been classified as problematic. Affected is an unknown function of the file /mnt/extsd/event/ of the component HTTP/RTSP. The manipulation leads to information disclosure. The attack needs to be initiated within the local...

CVE-2025-2348 IROAD Dash Cam FX2 HTTP/RTSP event information disclosure

A vulnerability was found in IROAD Dash Cam FX2 up to 20250308. It has been classified as problematic. Affected is an unknown function of the file /mnt/extsd/event/ of the component HTTP/RTSP. The manipulation leads to information disclosure. The attack needs to be initiated within the local...

Linux Distros Unpatched Vulnerability : CVE-2007-2348

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mirror --script in lftp before 3.5.9 does not properly quote shell metacharacters, which might allow remote user-assisted attackers to execute shell commands vi...

CVE-2024-2348

creationtimestamp| type| source ---|---|--- 2025-02-26 18:24:05+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5561...

Oracle Linux 9 : python-jinja2 (ELSA-2024-2348)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-2348 advisory. 2.11.3-5 - Security fix for CVE-2024-22195 Resolves: RHEL-21349 Tenable has extracted the preceding description block directly from the Oracle Linux security...

CVE-2024-2348

The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Meta widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level acce...

CVE-2024-2348 Gum Elementor Addon <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Post Meta Widget

The Gum Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post Meta widget in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level acce...

CVE-2024-2348

Gum Elementor Addon for WordPress ≤ 1.3.2 is vulnerable to Stored Cross-Site Scripting via the Post Meta widget due to insufficient input sanitization/output escaping. Exploitation requires authenticated access (subscriber or higher). A fixed version, 1.3.3, is available; updating to &gt;1.3.2 is...

CVE-2011-2348

creationtimestamp| type| source ---|---|--- 2024-03-25 11:49:23+00:00| seen| https://t.me/ETHICALHACKERSCOMMUNITY2/3889 2024-03-25 14:38:09+00:00| seen| Telegram/HKj6TR4hMohrGsEUcNFDijNGdim3MCZhggfzha3EYtXw 2024-03-25 14:38:09+00:00| seen| https://t.me/tengkorakcybercrewz/4400 2024-03-25...

WordPress Gum Elementor Addon Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)

Software Gum Elementor Addon Type Plugin Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2348 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 24199562026b Credits Francesco Carlucci...

Advisory ROSA-SA-2024-2348

Software: grub2 2.02 OS: rosa-server79 packageevrstring: grub2-2.02-0.87.0.1.res7.11 CVE-ID: CVE-2022-2601 BDU-ID: 2022-06819 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the grubfontconstructglyph function of the Grub2 operating systems boot loader is related to an operation exceeding buffer...

Amazon Linux 2 : wireshark (ALAS-2023-2348)

The version of wireshark installed on the remote host is prior to 2.6.2-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2348 advisory. A heap based buffer overflow in Wireshark's NetScreen file parser may lead to a local arbitrary code execution via a crafted...

Oracle Linux 5 : lftp (ELSA-2009-1278)

The remote Oracle Linux 5 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2009-1278 advisory. - Resolves: 239334 solves CVE-2007-2348 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus...